NEUTRON-L3 HA VRRP Configuration

The Juno version of L3 Ha employs the Keepalived tool, which implements the VRRP protocol internally. First to introduce the following VRRP:

VRRP Introduction

VRRP is a routing fault-tolerant protocol, or it can be called a backup routing protocol. All hosts in a local area network set the default route, and when the destination address of the network host is not in this segment, the message will be sent to the external router through the default route, thus realizing the communication between the host and the external network. When the default router is down (that is, the port is off), the internal host will not be able to communicate with the external, and if the router is set to VRRP, then the virtual route will enable the backup router, thereby enabling full network communication. (Selected from Baidu Encyclopedia: Virtual Routing Redundancy Protocol)

Internal implementation Flowchart:

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/5D/B3/wKioL1UjjOGy6C-yAAGvjeDFVCA465.jpg "title=" L3_ha_ Proposal_dedicated_net.png "alt=" Wkiol1ujjogy6c-yaagvjedfvca465.jpg "/>

Specific configuration

#  My Environment  #  system:  centos7 x86_64# l3_agent: node-191, node-192[[email  protected] ~ (keystone_admin)]# yum install keepalived -y    #   Install keepalived Package [[Email protected] neutron (Keystone_admin)]# cat /etc/neutron/l3_ Agent.ini [default]interface_driver = neutron.agent.linux.interface.ovsinterfacedriverovs_use_ Veth = trueuse_namespaces = trueexternal_network_bridge = br-exrouter_delete_ namespaces = truel3_ha = true                         #  on these three, the default is FALSEMAX_L3 _agents_per_router = 2  min_l3_agents_per_router = 2[[email protected]  neutron (keystone_admin)]# systemctl restart neutron-server.service^ ceutron-l3-agent.service neutron-openvswitch-agent.service   #  Restart related services [[email protected] ~ (Keystone_admin)]# yum install  keepalived -y    #  Install the keepalived package [[Email protected] neutron ( Keystone_admin)]# cat /etc/neutron/l3_agent.ini [default]interface_driver =  neutron.agent.linux.interface.ovsinterfacedriverovs_use_veth = trueuse_namespaces =  Trueexternal_network_bridge = br-exrouter_delete_namespaces = truel3_ha = true                          #  on these three, the default is Falsemax_l3_agents_per_router = 2  min_ L3_agents_per_router = 2[[email protected] neutron (keystone_admin)]# systemctl  restart neutron-server.service^ceutron-l3-agent.service neutron-openvswitch-agent.service    #  Restart related services

Use

When creating router on dashboard, it is not possible to specify whether HA can be created only through the CLI, in the following format:

[[Email protected] ~ (keystone_admin)]# neutron router-create--ha {True,false} router name

Create Ha router, and the corresponding network, dashboard can not display the corresponding topology (still do not know whether the bug)

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/5D/BB/wKiom1UjpTWzKFPYAACcQrbilqk814.jpg "title=" ke2%w$ O9]]47vde8tkh0@{b.png "alt=" Wkiom1ujptwzkfpyaaccqrbilqk814.jpg "/>

#  View node-191, node-192 's namespace[[email protected] ~ (keystone_admin)]# ip netns |  grep qrouterqrouter-25b9d299-ed2a-469f-8246-1d24ac6f0e15[[email protected] ~ (Keystone_ Admin)]#  ip netns | grep qrouterqrouter-25b9d299-ed2a-469f-8246-1d24ac6f0e15    #   the same namespace#  go into the node-191 router namespace and see some network configuration conditions [[email  protected] ~ (keystone_admin)]# ip netns exec  qrouter-25b9d299-ed2a-469f-8246-1d24ac6f0e15 bash[[email protected] ~ (keystone_admin)]#  ifconfig ha-a7a786c4-4a: flags=4163<up,broadcast,running,multicast>  mtu 1500         inet 169.254.192.3  netmask 255.255.192.0 &NBSP;&NBSP;BROADCAST&NBSP;169.254.255.255&NBSP;&NBSP;&NBSP;&NBSP;&NBSP;&NBSP;&NBSP;&NBSP;INET6&NBSP;FE80:: F816:3eff:fe14:e40f  prefixlen 64  scopeid 0x20<link>        ether fa:16:3e:14:e4:0f   txqueuelen 1000   (Ethernet)         RX  packets 1153  bytes 62554  (61.0 kib)          RX errors 0  dropped 0  overruns 0  frame 0         TX packets 17  bytes 1278  (1.2  KiB)         TX errors 0  dropped 0  Overruns 0  carrier 0  collisions 0lo: flags=73<up,loopback,running >  mtu 65536        inet 127.0.0.1   Netmask 255.0.0.0        inet6 ::1  prefixlen  128  scopeid 0x10

Limit
Each tenant can have up to 255 ha of virtual router, because Vrid has only 8 bits. And every tenant can only have one
Administrative network

Reference links
Https://wiki.openstack.org/wiki/Neutron/L3_High_Availability_VRRP
Http://www.openstack.cn/p2510.html
This article is from the "The-way-to-cloud" blog, make sure to keep this source http://iceyao.blog.51cto.com/9426658/1629720
NEUTRON-L3 HA VRRP Configuration